<?php

session_start();
$userName = $_POST['username'];
$passWord = $_POST['password'];
//echo $userName;
//echo $passWord;

		$con = mysql_connect("localhost", "group5", "group5");//change when moving between wamp
        if(!$con)
        {
            echo "Error: Failed to Connect to Database.";
            exit;
        }
		
		mysql_select_db("group5");//change when moving between wamp

		$safeUName = mysql_real_escape_String($userName, $con);
		$safePassword = mysql_real_escape_String($passWord, $con);
		
		$query = "select * FROM USER_LOGIN WHERE userName ='$safeUName' AND userPassword ='$safePassword';";
		$result = mysql_query($query, $con);
		
		$numResults = mysql_num_rows($result);
		
		if ($numResults > 0)
		{
			while($row = mysql_fetch_row($result))
			{
				$userLoginId = $row[0];
				$userName = $row[1];
				$userPassword = $row[2];
				$userId = $row[3];
						
				if ($safeUName == $userName and $safePassword == $userPassword)
				{
					
					$_SESSION['userId'] = $userId;
					header('Location:viewSessions.php');
				}//end if
				else
				{
					header("Location:index.php?errMsg=Credentials failure.");
				}	
			}//end while
		}//end if
		else
		{
			header("Location:index.php?errMsg=Credentials failure.");
		}//end else
		

?>